Try sending without request_object in authorization request fails
Created BuildRedirectToAuthorizationEndpoint to generate the authorization url with claims, nonce, state, client_id, etc.
Added new FAPI-RW-ID2 and FAPI-RW-ID2-OB tests that send without "request_object" in authorization request for private_key_jwt and mtls_client_auth authentication. The expected result that server must reject for all of these tests.
Added these tests to test plans (fapi-rw-id2-with-mtls-test-plan, fapi-rw-id2-with-private-key-and-mtls-holder-of-key-test-plan, fapi-rw-id2-ob-with-mtls-test-plan and fapi-rw-id2-ob-with-private-key-and-mtls-holder-of-key-test-plan).
closes #68 (closed)
Edited by Vinh Le Quoc